diff options
-rwxr-xr-x | signko | 42 |
1 files changed, 25 insertions, 17 deletions
@@ -1,6 +1,8 @@ #!/usr/bin/env bash export KVER="$(uname -r)" +SKMDIR="$(mktemp -p /tmp -d skmod.XXXXXX)"||exit 1 +export SKMDIR function hayulp { printf "USAGE: %b [ -k KVER ]\\n" "$(basename "$0")" @@ -28,14 +30,14 @@ if [ ! -r private_key.priv ] || [ ! -r public_key.der ];then fi #printf "We will sign following kernel modules: %b.\n" "$(ls -amA /usr/lib/modules/"$(uname -r)"/extra/nvidia/nvidia{,-uvm}.ko)" -printf "We will sign following kernel modules:\\n%b.\\n" "$(ls -amA /usr/lib/modules/"$KVER"/extra/nvidia/nvidia*.ko /usr/lib/modules/"$KVER"/extra/nvidia/nvidia*.ko.xz 2>/dev/null)" +printf "We will sign following kernel modules:\\n%b.\n" "$(ls -amA /usr/lib/modules/"$KVER"/extra/nvidia/nvidia*.ko /usr/lib/modules/"$KVER"/extra/nvidia/nvidia*.ko.xz 2>/dev/null)" read -rp "Is this OK? [y/N] " PROEMT case "$PROEMT" in "y"|"Y"|"j"|"J") ;; *) exit 1 ;; esac # shellcheck disable=SC2207 -SGDMODS=( $(ls -aA /usr/lib/modules/"$KVER"/extra/nvidia/nvidia*.ko.xz) ) +SGDMODS=( $(ls -aA /usr/lib/modules/"$KVER"/extra/nvidia/nvidia*.ko.xz /usr/lib/modules/"$KVER"/extra/nvidia/nvidia*.ko 2>/dev/null) ) MSGND=0 MSKIP=0 IBAS="/dev/null" @@ -46,14 +48,18 @@ for i in "${SGDMODS[@]}";do fi MODSIG=0 MODGOODSIG=0 IBAS="$(basename "$i")" - printf "[....] Extracting module %b\\033[s..." "$IBAS" - if sudo xz -kd "$i" >/dev/null 2>&1;then - printf "\\033[666D[ \\033[32mOK\\033[0m ]\\033[u\\033[K.\\n" - else - printf "\\033[666D[\\033[31mFAIL\\033[0m]\\033[u\\033[K.\\n" - exit 4 - fi MMOD="$(printf "%b" "$i"|sed 's/\.xz$//')" + COMPR=0 + if printf "%b" "$i"|grep -P '\.ko\.xz$' >/dev/null;then + COMPR=1 + printf "[....] Extracting module %b\\033[s..." "$IBAS" + if sudo rm -f "$MMOD" >/dev/null 2>&1 && sudo xz -kd "$i" >/dev/null 2>&1;then + printf "\\033[666D[ \\033[32mOK\\033[0m ]\\033[u\\033[K.\\n" + else + printf "\\033[666D[\\033[31mFAIL\\033[0m]\\033[u\\033[K.\\n" + exit 4 + fi + fi printf "[....] Signing module %b\\033[s..." "$IBAS" if sudo modinfo "$MMOD"|grep '^sig_id:'|grep 'PKCS#7$' >/dev/null; then MODSIG=1; fi if sudo modinfo "$MMOD"|grep '^signer:'|grep "$SIGNER\$" > /dev/null; then MODGOODSIG=1; fi @@ -73,16 +79,18 @@ for i in "${SGDMODS[@]}";do MSKIP="$((MSKIP+1))" printf "\\033[666D[\\033[1;30mSKIP\\033[0m]\\033[u\\033[K (already signed)\\n" fi - if [ "$MODSIG" -ne 1 ] || [ "$MODGOODSIG" -ne 1 ];then - printf "[....] Compressing module %b\\033[s..." "$IBAS" - if sudo xz "$MMOD" >/dev/null 2>&1;then - printf "\\033[666D[ \\033[32mOK\\033[0m ]\\033[u\\033[K.\\n" + if [ "$COMPR" -eq 1 ];then + if [ "$MODSIG" -ne 1 ] || [ "$MODGOODSIG" -ne 1 ];then + printf "[....] Compressing module %b\\033[s..." "$IBAS" + if sudo rm -f "$i" >/dev/null 2>&1 && sudo xz "$MMOD" >/dev/null 2>&1;then + printf "\\033[666D[ \\033[32mOK\\033[0m ]\\033[u\\033[K.\\n" + else + printf "\\033[666D[\\033[31mFAIL\\033[0m]\\033[u\\033[K.\\n" + exit 5 + fi else - printf "\\033[666D[\\033[31mFAIL\\033[0m]\\033[u\\033[K.\\n" - exit 5 + sudo rm -f "$MMOD"||exit 117 fi - else - sudo rm -f "$MMOD"||exit 117 fi done printf "Summary:\\n" |